lst_hoe02(a)kwsoft.de wrote:
> Have I got it right that you plan to operate some sort of LDAP directory
> as "cache" for numerous others like
> ldap://directory.bridge-ca.org and others?
Yes, LDAP or HTTP (see for example RFC 4387).
It's similar to a PGP key server.
> If Djigzo gets really widely used this can get
> expensive I guess...
A certificate is not that big and you only need to retrieve it once, but
yes, if it becomes really popular you'll need multiple servers,
redundancy etc.
> Hm, it would not be that security sensitive, as the
> Djigzo instances doing
> the queries should still check if the certificates which they get are
> valid, so one could start with some sort of VPS at around 10 Euro/month
> as server.
We have our own rack, so we host our own server.
Yes, you are right that the Djigzo server should decide whether a
certificate is trusted or not (the owner decides which roots to trust),
so you don't need to trust the directory.
> But the main question would be how to get the
> certificates in the store.
I was thinking of the following. The directory server trusts some of the
main CAs (like Verisign, StartSSL, CACert etc.). If someone starts a
search for a certificate, the directory cache will check its cache and
also check all external servers (Verisign, CACert etc.) for matching
certs. If an external server has a matching cert, it will be stored in
the cache. A user can also upload a certificate. If the certificate is
trusted (i.e. issued by a root trusted by the directory cache) it will be
automatically accepted. If the certificate is not trusted, the user has
to finish a captcha test (to prevent someone from 'spamming' the
directory). Or, if you are an approved user, you can be allowed to upload
certificates without a captcha test.
Kind regards,
Martijn Brinkers
--
Djigzo open source email encryption
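As an added illustration of the lookup and upload policy described in the thread above (example code, not Djigzo's own), the following Python models the directory cache with constructed certificates and a hypothetical external lookup; issuer names stand in for real X.509 chain validation, and the client-side filter shows the point that the querying Djigzo server still decides trust itself rather than relying on the directory.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Cert:
    # Constructed stand-in for an X.509 cert; the issuer name replaces real chain validation.
    email: str
    issuer: str
    fingerprint: str

@dataclass
class DirectoryCache:
    trusted_roots: set                 # roots the directory itself trusts
    external_servers: list             # hypothetical lookups: email -> [Cert]
    approved_users: set = field(default_factory=set)
    cache: dict = field(default_factory=dict)   # email -> {fingerprint: Cert}

    def _store(self, cert):
        self.cache.setdefault(cert.email, {})[cert.fingerprint] = cert

    def search(self, email):
        # Check the cache and every external server; external hits are cached.
        for fetch in self.external_servers:
            for cert in fetch(email):
                self._store(cert)
        return list(self.cache.get(email, {}).values())

    def upload(self, cert, user=None, captcha_passed=False):
        # Certs issued by a trusted root are accepted outright; approved users
        # skip the captcha; anyone else must solve one (anti-spam measure).
        if cert.issuer in self.trusted_roots or user in self.approved_users or captcha_passed:
            self._store(cert)
            return "accepted"
        return "captcha-required"

def client_filter(certs, client_roots):
    # The querying Djigzo server decides trust itself, so it keeps only the
    # certs that chain to its own roots, whatever the directory accepted.
    return [c for c in certs if c.issuer in client_roots]

def demo():
    # Constructed external directory that knows only alice's certificate.
    def external(email):
        return [Cert(email, "CAcert", "fp-alice-1")] if email == "alice@example.org" else []
    d = DirectoryCache({"Verisign", "CAcert", "StartSSL"}, [external], {"bob"})
    found = d.search("alice@example.org")
    carol = Cert("carol@example.org", "carol-self-signed", "fp-carol-1")
    return {"found": len(found), "cached": "alice@example.org" in d.cache,
            "anon": d.upload(carol), "captcha": d.upload(carol, captcha_passed=True),
            "approved": d.upload(Cert("dave@example.org", "dave-self", "fp-dave-1"), user="bob"),
            "kept": len(client_filter(found, {"Verisign"}))}
```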